top of page

Horton Cloud


These terms and conditions are a legal agreement entered into between Horton Cloud Solutions Inc. ("Horton” or "Horton Cloud") and the client ("Client”) identified in a Statement of Work that incorporates or references these terms and conditions. Together, these terms and conditions, any terms and conditions or Statements of Work that reference them, and any attachments, addenda, and exhibits thereto are collectively the Agreement (“Agreement”).

1. Definitions.
1.1. The following terms shall have the following meanings. All capitalized terms not otherwise set out in this section shall have the meaning as set out in the section of these terms and conditions in which they are defined.
(a) “
Affiliate” means, with respect to any party to the Agreement, any person, partnership, joint venture, company, corporation, or other entity which directly or indirectly controls, is controlled by, or is under common control with such party where “control” (or variants of it) means the ability to direct the affairs of another by means of ownership, contract or otherwise.
(b) “
Business Day” means any day except Saturdays, Sundays, or a statutory holiday.
(c) “
Change Order” has the meaning given to the term in Section 5.1.
(d) “
Fees” means the fees payable by the Client to Horton Cloud, including all applicable duties, levies, taxes, or similar governmental assessments of any nature, including but not limited to value added, goods and services, sales and use, or withholding taxes, assessable by any local, state, provincial, federal, or foreign jurisdiction, if any.
(e) “
Intellectual Property” means all systems, applications, software code (in any form, including source code, executable or object code), original works of authorship, algorithms, tool-kits, technology, widgets, formulae, programs, concepts, work-arounds, databases, designs, diagrams, documentation, drawings, charts, ideas, inventions (whether or not such inventions are patentable),know-how, trademarks (whether registered or not), brand names, logos, slogans, methods, techniques, models, procedures, and processes.
(f) “
Intellectual Property Rights” means all: (a) copyrights, (b) moral rights, (c) rights associated with works of authorship, (d) trademark rights, (e) trade name rights, (f) trade secret rights, (g) patent and industrial property rights (whether registered or not), and (h) other proprietary rights, in Intellectual Property.
(h) “
Services” means the consulting services to be provided by Horton Cloud to the Client as described in the Agreement, and any related SOW(s) and includes any resulting deliverables.
(i) “
Statement(s) of Work” or “SOW(s)” means any statements of work including any changes and modifications to them, that describe the Services to be provided by Horton Cloud to the Client.

2. SOWs and Provision of Services
2.1. Provision of Services. Horton Cloud shall provide the Services to the Client in accordance with the terms of the Agreement.
2.2. SOWs. If there is a conflict between the terms of a SOW and these terms and conditions, these terms and conditions shall prevail unless explicitly overridden with a cross-reference to this provision. For conflicts related to indemnification, Intellectual Property, limitations of liability, confidentiality, or data privacy, these terms and conditions will always prevail for the purpose of that conflict.
2.3. Location and Travel. If Horton Clouds’ employees or subcontractors are required to travel in order to perform the Services contemplated in a SOW, the Client shall reimburse Horton Cloud for reasonable air travel and other business-related expenses incurred by Horton Cloud in performing the Services but only to the extent that the Client has expressly approved such expenses in writing in advance. In the event Horton Clouds’ employees or subcontractors are required to travel for the provision of the Services, the Client shall provide a meal allowance per day of travel. Reimbursement of such reimbursable expenses shall be made by the Client upon submission by Horton Cloud of a statement itemizing the expenses incurred and such other satisfactory evidence requested by the Client, acting reasonably.
2.4. Affiliates and Subcontractors. Horton Cloud may use its Affiliates and/or subcontractors to perform the Services. Horton Cloud shall be liable for the actions and omissions of its Affiliates and subcontractors to the same extent as if such actions and omissions were performed directly by Horton Cloud, and for purposes of the Agreement, all work performed by Horton Clouds’ Affiliates and subcontractors shall be deemed work performed by Horton Cloud. Horton Cloud shall be Client's sole point of contact regarding the Services, including with respect to payment of the Fees.

3. Workflow and Access
3.1. Client’s Obligations. The parties will participate in a collaborative and cooperative development process where Horton Cloud will regularly delivery iterations of its work to the Client for review and input. Therefore, successful completion of the Services and in accordance with the applicable SOWs is expressly conditioned on the engagement and active participation of the Client which includes providing Horton Cloud with timely and decisive feedback upon Horton Clouds’ request. Horton Clouds’ successful performance of the Services is also dependent on the following responsibilities being managed and fulfilled by the Client, at no charge to Horton Cloud. The Client will:
(a) ensure that sufficient and appropriate Third-Party Developer licenses are purchased, as required;
(b) take reasonable steps to ensure that all Client personnel participating in the Services are knowledgeable about the Services;
(c) appoint a representative to supervise and coordinate the Client’s performance of its obligations under the Agreement, including on each SOW. The representative will interact with Horton Cloud in a professional and prompt manner. Client’s representative will have the necessary expertise and authority to act on behalf of the Client;
(d) not require Horton Cloud to work with its competitors that Horton Cloud believes, acting reasonably, may be exposed to Horton Clouds’ Confidential Information;
(e) provide Horton Cloud with prompt access to the Client’s systems, data, and documentation, as may reasonably be required by Horton Cloud to facilitate the provision of the Services;
(f) be responsible for the content of any database, the selection and implementation of controls on access and use, backup and recovery of its data, and security of stored data, including implementing any procedures necessary to safeguard the integrity and security of software and data accessed by Horton Cloud in the provision of the Services;
(g) provide Horton Cloud with prompt access to necessary personnel, as may reasonably be required by Horton Cloud;
(h) use the Services only for their intended purpose;
(i) comply with all applicable law;
(j) provide appropriate direction, as requested by Horton Cloud; and
(k) perform appropriate and timely testing as agreed in a SOW or as agreed between the parties.

3.2. Horton Clouds’ Obligations. In addition to the warranties provided by Horton Cloud at Section 7 (Warranties) of these terms and conditions, Horton Cloud will provide the Services to the Client:
(a) in accordance with industry standards;
(b) in accordance with any timelines described in a SOW or Change Order, subject to Client meeting its obligations in that SOW or Change Order and herein;
(c) so as to materially meet the specifications in a SOW or otherwise as mutually agreed by the parties in writing, subject to the Client meeting its obligations in such a SOW or Change Order or as mutually agreed by the parties in writing;
(d) with personnel knowledgeable about the Services who are under appropriate supervision; and
(e) in accordance with applicable law.
Horton Cloud will determine the methods, details, and means of performing the Services, except as may be specifically identified in a particular SOW.

3.3. Client Delays. In the event of any delays in the provision of the Services or any part thereof that are attributable to the Client (“Client Delays), Horton Cloud may:
(a) invoice the Client the rates contained in the SOW, or if no rates are contained in the SOW, then Horton Clouds’ list rates, for the hours Horton Cloud uses to accommodate the Client Delay and the hours Horton Cloud is not able to reallocate as a result of the Client Delays;
(b) change its resource team allocated to the Services; and
(c) require further changes to the timeline for the provision of the Services, and the Client agrees that such further delays shall not constitute a default by Horton Cloud.


4. Payment Terms
4.1. Terms of Payment. The Client will pay all Fees in accordance with the payment terms as set out in the Agreement including in the applicable SOW. Unless otherwise provided in the relevant SOW, Horton Cloud will invoice the Client twice per month and the Client will pay the Fees in respect of such invoice within thirty days of the date of such invoice. All invoices are deemed accepted by the Client within five Business Days after they have been delivered to the Client. All amounts owing on account of past due invoices will incur interest at a rate of 1.5% per month (18% per annum equivalency), calculated monthly (or if such interest rate is not permitted by applicable law, then the maximum interest rate permitted by applicable law), until such time as they are paid in full. Client shall be responsible for legal fees incurred by Horton Cloud for the collection of any unpaid invoices.
4.2. Fees. Fees for the Services shall be specified, or calculable in the applicable SOW.

5. Changes
5.1. In the event either Horton Cloud or the Client requires a material change to the scope of work, the timeline, the Services, or the Fees set out in a SOW, the party requesting such change shall communicate such change to the other party in writing and will provide the other party with a reasonable opportunity to assess the impact of such changes. If the parties agree to such changes, such acceptance will be evidenced in writing by way of a mutually executed change order (“Change Order”) or by secured electronic means between Client and Horton Cloud, including but not limited to email and such changes will be incorporated into the Agreement. Neither party will be required to agree to any changes that materially change the Services or have a material impact on the business of the party.

6. Deployment
6.1. For each SOW, to the extent deployment is required, Horton Cloud and the Client shall use reasonable efforts to set a deployment schedule: (i) at the commencement of the Services; or (ii) if Horton Cloud and the Client are unable to set a deployment schedule at the commencement of the Services, at least 45 days in advance of the anticipated deployment date. In the event the Client requires a change to the deployment schedule that is not a result of Horton Clouds’ acts or omissions, the Client shall notify Horton Cloud no later than 10 Business Days prior to the scheduled deployment date. A change in the deployment schedule may constitute a Client Delay.

7. Warranties
7.1. Horton Cloud hereby represents and warrants that: (i) it is duly registered and validly exists under the laws of the jurisdiction in which it is registered; (ii) it has the legal right, authority and full power to enter into the Agreement and to perform its obligations under the Agreement; (iii) it will provide all Services in a professional and workmanlike manner consistent with then-current applicable industry standards and practices, (iv) it owns all rights, title, and interest in and to, and sole and exclusive ownership of the documentation and any material claimed by it to be its Intellectual Property which do not and will not infringe any third party’s Intellectual Property Rights, and (v) it will comply with all laws, regulations and ordinances applicable to its performance under the Agreement.
7.2. Horton Clouds’ core business is implementing and customizing third party cloud software, developed by third parties (“Third Party Developers”). Horton Cloud makes no representations or warranties regarding Third Party Developers or their software, to anyone, express, implied, or statutory. Third Party Developers may require the Client to enter into license agreements or pay license fees for the use of their software which, unless expressly set out herein or in a SOW, are not included in the Fees. Except as expressly set out in a SOW, Horton Cloud will not be responsible for any fixes, patches, or replacement code that may be required as a result of any software changes made by Third Party Developers.
7.3. The warranties provided in these terms and conditions comprise all the warranties made with respect to the Services. Any other representations, warranties, conditions, or other terms, whether express or implied and including, without limitation, implied warranties, conditions and other terms of merchantability, satisfactory quality or fitness for a particular purpose, are expressly excluded to the extent permitted by applicable law.

8. Indemnification
8.1. Each party (the “Indemnitor”) agrees to defend, hold harmless and indemnify the other party (“Indemnitee”), its officers, directors, employees, agents, and subcontractors from and against any and all expenses, loss or liability incurred by the Indemnitee, its officers, directors, employees, agents, or subcontractors as a result of any third-party claims arising from the gross negligence, willful misconduct or fraud of the Indemnitor. Horton Cloud agrees to defend, hold harmless and indemnify the Client, its officers, directors, employees, agents, and subcontractors from and against any and all expenses, loss or liability incurred by them arising as a result of: (a) any fines, penalties and levies assessed against Client by a regulatory authority or governmental entity having authority over Client as a result of Horton Clouds’ failure to comply with applicable law in the performance of services under the Agreement; and (b) any claim that Horton Cloud Intellectual Property infringes upon or violates any Intellectual Property Rights of any third party. The foregoing indemnification obligations of the Indemnitor are conditional upon the Indemnitee providing the Indemnitor with prompt written notice of any such claim or action. Any failure to provide such notice shall only relieve the Indemnitor of its indemnification obligations under these terms and conditions to the extent the Indemnitor can demonstrate actual, material prejudice to its ability to mount a defense as a result of such failure. The Indemnitor shall have sole control over the defence of any such claim or action and the Indemnitee shall cooperate in such defence. The Indemnitor shall obtain the Indemnitee’s prior written consent, which consent shall not be unreasonably withheld or delayed, for any settlement or compromise of any claim that does not include the unconditional release of the Indemnitee from the indemnified liability hereunder or requires any specific performance, non-pecuniary remedy or for the payment of any amount by the Indemnitee.

8.2 Client shall indemnify, defend, and hold harmless Horton Cloud, its affiliates, officers, directors, employees, agents, licensors, and subcontractors from and against any and all claims, damages, liabilities, losses, costs, and expenses, including reasonable attorneys' fees, as a result of any claims arising from a security and/or data incident during and after the execution of the Services set out in the Agreement including but not limited to any claims related to the loss /deletion of data, a breach of data security, or a breach of the solution security.

8.3. If Horton Cloud believes that the Intellectual Property may be subject to any claim of infringement, and if Client’s use of the Intellectual Property is held to infringe and its use is enjoined, then Horton Cloud will, at Horton Clouds’ own expense and option: (i) procure for Client the right to continue using the Intellectual Property; or (ii) replace same with non-infringing Intellectual Property; or (iii) modify the Intellectual Property so that it becomes non-infringing. If none of the foregoing is available on terms that are commercially reasonable for Horton Cloud, then Horton Cloud may terminate Client’s rights to access and use the Intellectual Property that requires the infringing Intellectual Property. Horton Cloud has no obligation with respect to any actual or claimed infringement if the infringement is solely caused by Client data, use of the Services other than as specified in any documentation provided by Horton Cloud, or combination of the Services with any products, software, services, data or other materials not provided by, required by, or approved by Horton Cloud, unless such use is necessary in order to use the Services.

9. Limitation of Liability

10. Intellectual Property
10.1. All Intellectual Property made available or disclosed to the Client as part of the Services, under any SOW or otherwise, or that is contained in past services provided by Horton Cloud (collectively, “Horton Cloud Intellectual Property”), and all Intellectual Property Rights in Horton Cloud Intellectual Property are and shall remain the sole and exclusive property of Horton Cloud. Except for the license to Horton Cloud Intellectual Property pursuant to Section 10.2 of these terms and conditions, the Client is granted no right, title, or interest in the Horton Cloud Intellectual Property.
10.2. Horton Cloud grants to the Client a worldwide, perpetual, non-exclusive, royalty free license (the “License”) to use the Horton Cloud Intellectual Property solely for the Client’s internal purposes as part of the Services or as part of any systems implemented by Horton Cloud in the provision of the Services. The License does not apply to Horton Clouds’ proprietary tools used to perform the Services. Licences for such tools are not included in the SOW unless explicitly provided therein. Other than the License, no ownership or license in any Horton Cloud Intellectual Property is granted to the Client and, for greater certainty, but without limitation, the Client shall not be granted any rights to license, sub-license, sell, assign, transfer, or grant the Horton Cloud Intellectual Property to any third parties without the prior express written consent of Horton Cloud.
10.3. All Intellectual Property that was owned by or developed by or acquired by the Client or its Affiliates separate from the Agreement and without any use of the Services or the Horton Cloud Intellectual Property (collectively, “Client Intellectual Property”) shall remain the exclusive property of the Client. No rights of any kind shall be granted to Horton Cloud in the Client Intellectual Property or any Confidential Information belonging to the Client, save and except that Horton Cloud shall have a limited license to use the Client’s Intellectual Property to the extent necessary to provide the Services.

11. Confidential Information
11.1. For the purposes of the Agreement, “Confidential Information” means any information that is disclosed by one party (the “Disclosing Party”) to the other party (the “Receiving Party”) in the course of Horton Cloud providing the Services to the Client and that a reasonable person would consider to be confidential in the circumstances. Confidential Information includes, but is not limited to, the parties’ business information, customer information, trade secrets, the terms of each SOW, and personal information of the parties’ employees, contractors and customers. Confidential Information does not include any information that is disclosed by one party to another party if that information: (a) is at the time of disclosure in the possession of the Receiving Party or any of its Affiliates and was obtained without an obligation of confidence; (b) is independently developed by the Receiving Party or any of its Affiliates without any use of or reference to the Confidential Information; (c) is or becomes publicly available without the Receiving Party’s breach of any obligation of confidence; (d) is acquired by the Receiving Party from a third party who provided the information without breaching any express or implied obligations or duties to the Disclosing Party; or (e) is intentionally released for disclosure by the Disclosing Party or with the Disclosing Party’s prior written consent.
11.2. Each of Horton Cloud and the Client agree with the other that it shall:
(a) take all reasonable steps to maintain the confidentiality of the other party’s Confidential Information;
(b) not copy the Confidential Information except as may reasonably be required by Horton Cloud in the provision of the Services;
(c) not use the Confidential Information for its own purposes;
(d) safeguard all documents containing Confidential Information against theft, damage or access by unauthorized persons;
(e) use the same degree of care with respect to the Confidential Information as it employs with respect to its own proprietary or confidential information of like importance; and
(f) except as required by law or a valid court order, and subject to the Receiving Party informing the Disclosing Party of such legal requirement, only disclose such Confidential Information to those officers, directors, officers, employees, agents, and subcontractors (“
Receiving Party’s Personnel”) who need to know in order to perform their obligations under the Agreement. The Receiving Party will ensure that the Receiving Party’s Personnel who need to know the Confidential Information agree to maintain the confidentiality of such Confidential Information on terms no less stringent than the terms of these herein confidentiality provisions.
11.3. Upon termination of the Services, each party will, without undue delay, upon written request from the other party, return to the other party or destroy all Confidential Information of the other party in its possession or control. Notwithstanding anything contained herein to the contrary, Receiving Party shall not be obligated to destroy Confidential Information to the extent otherwise required by law, regulation, legal, regulatory or judicial process, rule or practice governing professionals or any internal compliance policy or procedure relating to the safeguarding or backup storage of data
11.4. Unless otherwise expressly prohibited, Horton Cloud may use the name, logo, and identifying description of the Client in its list of customers and Horton Cloud may generally make known the relationship between Horton Cloud and the Client. In the event the Client has brand guidelines and notifies Horton Cloud of those brand guidelines, Horton Cloud will only use the Client’s name and logo in accordance with the Client’s brand guidelines.

12. Term and Termination
12.1. Either party may terminate the Agreement by providing written notice if the other party:
(a) is in material breach of the Agreement (including, without limitation, failure to pay the Fees) and such breach has not been cured within thirty (30) days, or such time period as is mutually agreed upon by the parties, of the provision of notice of such breach to the breaching party; or
(b) is or becomes insolvent or bankrupt, becomes the subject of any proceedings under bankruptcy, insolvency or debtor’s relief law, has a receiver, administrator or manager appointed, makes an assignment for the benefit of creditors or takes the benefit of any applicable law or statute in force for the winding up or liquidation of corporations.

12.2. The covenants contained in these terms and conditions under Sections 1 (Definitions), 2.2 (SOWs), 3.1 (Client’s Obligations), 4 (Payment Terms), 7 (Warranties), 9 (Limitation of Liability), 10 (Intellectual Property), 11 (Confidential Information), 13 (Non-Solicitation), 14 (Force Majeure), 15 (Data and Privacy Protection), 17 (General), and this part shall survive the termination of the provision of the Services and the Client hereby acknowledges and agrees that the provisions of and all restrictions contained in these terms and conditions are reasonable and are necessary for the protection of the parties’ legitimate interests and proprietary rights and are an essential condition of the Agreement.

13. Non-Solicitation
13.1. During the term of the Agreement, and for a period of twelve (12) months after completion of the Services thereunder, neither party will, without the prior written consent of the other party, directly or indirectly, either alone or in conjunction with any individual, firm, corporation, association or other entity, approach, solicit or attempt to solicit the employment of any employee of the other party who has been employed by the other party at any time on or after the Effective Date. Notwithstanding the foregoing, an employee of a party responding to a general advertisement for an employment position shall not, in and of itself, constitute a breach of this section. In the event of a breach of this section, the breaching party acknowledges and agrees that monetary damages may not be an adequate remedy to compensate for such breach and accordingly that, in addition to any and all other remedies available under the Agreement or at law or in equity, the non-breaching party shall be entitled to seek relief by way of a temporary or permanent injunction to enforce such obligations.

14. Force Majeure
Neither party to the Agreement shall be liable for any failure to comply with its obligations under the Agreement if the failure to comply is caused by or results from conditions or causes beyond its reasonable control including, but not limited to: shortage of water, power, acts of God, war, terrorism, riots, fire, flood, explosion, governmental controls or regulations, embargoes, wrecks or delays in transportation, labour disputes, civil insurrection, civil or military authority, inability to obtain necessary labour, materials of manufacturing faculties due to such causes or delays of subcontractors or supplies of each party in furnishing materials or supplies due to one or more of the foregoing causes. In an event of a force majeure, each party shall be allowed a reasonable period of time to fulfill the obligations under the Agreement having regard to the applicable circumstances. An event of force majeure shall not relieve the Client of its payment obligations pursuant to the Agreement.

15. Data and Privacy Protection

15.1. Should Horton Clouds’ provision of Services require it to process Personal and/or Sensitive Data, Horton Cloud shall do so in accordance with and Client shall have the obligations as set out in the Data Processing Addendum found below. Any capitalized term in this Section not defined at Section 1 of these terms and conditions shall have the meaning ascribed to it in the Data Processing Addendum. If not expressly set out in a SOW and discovered during the Agreement, a Change Order will be executed between Horton Cloud and the Client to outline additional data processing requirements and any additional fees. 


16. Dispute resolution.
16.1. Negotiation
. If there is a dispute or difference (“Dispute”) between the parties arising out of or in connection with the Agreement, then within five (5) business days of a party notifying the other party in writing of the Dispute, a senior representative from each party shall meet and use all reasonable endeavours acting in good faith to resolve the Dispute by joint discussions.
16.2. Court proceedings and other relief. A party may not start court proceedings in relation to a Dispute until it has exhausted the procedures in Section 16.1, unless the party seeks injunctive or other interlocutory relief.
16.3. Continued Performance. Both parties must continue performing their respective obligations and responsibilities under the Agreement while any Dispute is being resolved in accordance with this Section 16, unless and until such obligations are terminated or expire in accordance with the provisions of the Agreement.
16.4. Equitable Remedies. The Parties agree that monetary damages may be an inadequate remedy for any breach or threatened breach of any provision of these terms and conditions concerning Confidential Information, Intellectual Property Rights or other matters for which equitable rights may be granted. Accordingly, such provision may be enforced by injunction or other order of a court of competent jurisdiction.

17. General
17.1. Headings
. The headings used in these terms and conditions are for convenience and reference only and shall not affect the construction or interpretation of these terms and conditions. The term “this part” when used herein shall mean the entire part, including sections and subsections within that part, unless inconsistent with the context of such use.
17.2. Currency. Except where otherwise expressly provided, all monetary amounts in the Agreement are stated and shall be paid in U.S. currency.
17.3. Relationship of the Parties. The parties are independent contractors. The Agreement shall not be construed as creating any partnership, joint venture, or agency among the parties and no party shall be deemed to be the legal representative of any other party for the purposes of the Agreement. No party shall have and shall not represent itself as having, any authority to act for, to undertake any obligation on behalf of any other party, except as expressly provided in the Agreement.
A party may make known the relationship between Horton Cloud and the Client, provided that such party does not disclose any Confidential Information of the other party or proprietary details of the Services.

17.4. Gender, Plural and Singular. In these terms and conditions, unless the context otherwise requires, the masculine includes the feminine and the neuter genders and the plural includes the singular and vice versa, “or” is not exclusive and “including” is not limiting, and modifications to the provisions of the Agreement may be made accordingly as the context requires.
17.5. Alterations. No alteration or amendment to the Agreement shall take effect unless it is in writing duly executed by each of the parties.
17.6. Proper Law of Agreement. The Agreement shall be governed by and construed in accordance with the laws of the Province of British Columbia and the laws of Canada applicable therein without regard to the conflicts of law principles, and the parties agree to attorn to the exclusive jurisdiction of British Columbia.
17.7. Invalidity. The invalidity or unenforceability of any provision of these terms and conditions shall not affect the validity or enforceability of any other provision and any such invalid or unenforceable provision shall be deemed to be severable.
17.8. Notices. Any notice, payment or other communication required or permitted to be given or served pursuant to the Agreement shall be in writing and shall be delivered personally or by email to the party concerned at the address specified in these terms and conditions, or to any other address as may from time to time be notified in writing by any of the parties. In the case of Horton Cloud, any such notices must also be copied and sent by email to Any notice, payment or other communication shall be deemed to have been given on the day delivered, if delivered by hand, and within four Business Days following the date of posting, if mailed; provided that if there shall be at the time or within four Business Days of mailing a mail strike, slow-down or other labour dispute that might affect delivery by mail, then the notice, payment or other communication shall be effective only when actually delivered.
17.9. Entire Agreement. The provisions of the Agreement, including the DPA, constitute the entire agreement between the parties and supersede all previous communications, representations and agreements, whether oral or written, between the parties with respect to the subject matter of the Agreement.
17.10. No Strict Construction. The language in all parts of these terms and conditions shall in all cases be construed as a whole and neither strictly for, nor strictly against, any of the parties to the Agreement.
17.11. Assignment. Except with written consent of the other party, neither party may assign any of their respective benefits, obligations or liabilities under or in respect of the Agreement, provided, however that: (a) Horton Cloud may assign the Agreement to an Affiliate of Horton Cloud, at its sole discretion; and (b) either party may assign the Agreement, in its entirety, in the event of sale of all or substantially all of its assets or a merger or acquisition. No assignment shall relieve the assigning party of any of its obligations hereunder.
17.12. Enurement. The Agreement shall enure to the benefit of and be binding upon the parties and, except as otherwise provided or as would be inconsistent with the provisions of the Agreement, their respective heirs, executors, administrators, successors and permitted assigns.
17.13. Counterparts. The Agreement may be signed by the parties in as many counterparts as may be necessary, each of which so signed shall be deemed to be an original and such counterparts together shall constitute one and the same instrument. The Agreement may be executed and delivered electronically. An executed copy of the Agreement delivered electronically will constitute valid execution and delivery.


This Data Processing Addendum (this "DPA") is effective on the effective date of the Agreement.


This DPA is supplemental to the Agreement and sets out the terms that apply when Personal Data is Processed by Horton Cloud Solutions Inc. (“Horton Cloud” or “Company”) under the Agreement.

1.    Definitions

1.1    For the purposes of this DPA, the following terms shall have their respective meanings set forth below and other capitalized terms used but not defined in this DPA have the same meanings as set forth in the Agreement:

(a)    “Affiliate” means, with respect to any party to the DPA, any person, partnership, joint venture, corporation, or other entity which directly or indirectly controls, is controlled by, or is under common control with such party where “control” (or variants of it) means the ability to direct the affairs of another by means of ownership, contract or otherwise.
(b)    "
Agreement" means the legal agreement entered into between Company and Client, to which this DPA is attached or incorporated by reference providing for the provision by Company to Client of the Services described therein.
(c)    "
Controller" means the entity which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data pursuant to Data Protection Laws, typically the Client.
(d)    “
Data Protection Laws” means any and all applicable national, international, provincial, federal, state and local laws and regulations relating to data protection, data privacy, data security, or the Processing of Personal Data, including (where applicable) EU Data Protection Legislation, the California Consumer Privacy Act (“CCPA”) (California Civil Code §§ 1798.80, et seq.), and any other provincial or state privacy laws that may take effect during the term of the Agreement.
(e)    “
Data Subject” has the meaning given in the GDPR.
(f)    "
EEA" means the Member States of the European Union together with Iceland, Norway, and Liechtenstein.
(g)    "
EU Data Protection Legislation" means Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("GDPR") (as amended, replaced or superseded).
(h)    "
Personal Data" means any information relating to an identified or identifiable natural person.
(i)    "
Privacy Shield" means the EU-U.S. and Swiss-U.S. Privacy Shield self-certification program operated by the U.S. Department of Commerce.
(j)    "
Processing" has the meaning given in the GDPR and includes any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(k)    "
Processor" means an entity which Processes Personal Data on behalf of the Controller, typically the Company.
(l)    "
Security Incident" means confirmed accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data caused by Company’s acts or omissions.
(m)    "
Sensitive Data" means (a) racial or ethnic origin; (b) political opinions; (c) religious or philosophical beliefs; (d) trade union membership; (e) genetic data; (f) biometric data for the purpose of uniquely identifying a natural person; (g) data concerning health; (h) data concerning a natural person's sex life; (i) sexual orientation; and (ii) without limiting the foregoing, any additional information that falls within the definition of "special categories of data" under EU Data Protection Legislation or Data Protection Laws.

(n)    “Standard Contractual Clauses” means the Standard Contractual Clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council as at the Effective Date or any subsequent version thereof released by the European Commission (which will automatically apply).
(o)    “
Client” means the party who entered into the Agreement with Company and any successor of same. The person agreeing to this DPA represents and warrants that he / she is authorized to enter into the DPA on behalf of the party, entity, or organization using the Services. 

2.    Relationship with Agreement

2.1    Except as amended by this DPA, the Agreement will remain in full force and effect.
2.2    If there is a conflict between the Agreement and this DPA, the terms of this DPA will control with respect to the subject matter of the DPA.
2.3    Any claims brought under this DPA shall be subject to the terms and conditions, including but not limited to, the exclusions and limitations set forth in the Agreement.

General Data Protection Obligations

3.    Roles and responsibilities
3.1    Parties' Roles. With respect to the Processing of Personal Data, Client, as Controller or Processor, as applicable, appoints Company, as a Processor or Sub-processor, as applicable, to Process the Personal Data described in Annex A on Client’s behalf. The Parties agree that, for the purposes of the Agreement and this DPA, Company is a “service provider” and Client is a “business” consistent with the definitions under the CCPA.
3.2    Purpose Limitation. Company shall Process the Personal Data for the purposes described in Annex A and only in accordance with Client’s lawful, written instructions, except where otherwise required by applicable law. The Agreement and this DPA sets out Client’s complete instructions to Company in relation to the Processing of the Personal Data and any Processing required outside of the scope of these instructions will require prior written agreement between the parties. Client acknowledges that Company shall have a right to Process Personal Data in order to provide the Services to Client, fulfill its obligations under the Agreement, and for legitimate purposes relating to the operation, support and/or use of the Services such as billing, account management, technical maintenance and support, product development, and sales and marketing. Under no circumstances will Company rent or sell Personal Data. 
3.3    Prohibited Data. Unless the Processing of Sensitive Data is otherwise permitted by Data Protection Laws or Client obtains Company’s prior written consent, Client will not provide (or cause to be provided) any Sensitive Data to Company for Processing under the Agreement, and Company will have no liability whatsoever for Sensitive Data, whether in connection with a Security Incident or otherwise. For the avoidance of doubt, the obligations of Company under this DPA will not apply to Sensitive Data unless the Processing of Sensitive Data is otherwise permitted by Data Protection Laws or Client has obtained Company’s prior written consent.
3.4    Description of Processing. A description of the nature and purposes of the Processing, the types of Personal Data, categories of Data Subjects, and the duration of the Processing are set out further in Annex A.
3.5    Compliance. Client shall be responsible for ensuring that:
(a)    Client has complied, and will continue to comply, with Data Protection Laws, in Client’s use of the Services and Client’s own Processing of Personal Data, including by providing notice and obtaining all consents and rights necessary under Data Protection Laws for Company to process Personal Data; and
(b)    Client has, and will continue to have, the right to transfer, or provide access to, the Personal Data to Company for Processing in accordance with the terms of the Agreement and this DPA.
(c)    Client shall not provide Company with any credit, debit or other payment cardholder information.


4.    Data Security
4.1    Security. Company shall implement and maintain appropriate technical and organizational measures designed to protect the Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, including as appropriate, the measures referred to in Article 32(1) of the GDPR. Notwithstanding the above, Client agrees that Client is responsible for Client’s secure use of the Services, including securing Client’s account authentication credentials, protecting the security of Personal Data when in transit, and taking any appropriate steps to backup Personal Data.
4.2    Security Exhibit. The technical and organizational security and privacy measures which the Company shall have in place under the Agreement are set out within a dedicated document that is available upon written request from the Client.


5.    Additional security
5.1    Confidentiality of Processing. Company shall ensure that any person that it authorizes to Process the Personal Data shall be subject to a duty of confidentiality (whether a contractual or a statutory duty).
5.2    Security Incidents. Upon becoming aware of a Security Incident caused or contributed to by Company, Company shall notify Client without undue delay and shall provide such timely information as Client may reasonably require, including to enable Client to fulfil any data breach reporting obligations under Data Protection Laws. Company shall take appropriate and commercially reasonable steps to investigate and mitigate the effects of such a Security Incident on the Personal Data under this Agreement. This section 5
.2 does not apply to Security Incidents that are caused by Client, including Client’s employees, partners, subcontractors, or agents.


6.    International Transfers

To the extent that the Processing of Personal Data by Company involves the export of such Personal Data to a third party in a country or territory outside the EEA, such export shall be:
(a)    to a country or territory ensuring an adequate level of protection for the rights and freedoms of Data Subjects as determined by the European Commission;
(b)    to a third party that is a member of a compliance scheme recognized as offering adequate protection for the rights and freedoms of Data Subjects as determined by the European Commission, such as, but not limited to the Privacy Shield; or
(c)    governed by the Standard Contractual Clauses with Client as exporter and Company as importer. 
Client agrees that this DPA constitutes Client’s written authorization for Company and its sub-processors to Process Personal Data anywhere in the world where Company or its sub-processors maintain data Processing operations.


7.    Sub-Processing
7.1    Sub-Processors. Client agrees that this DPA constitutes Client’s written authorization for Company to engage Affiliates and third-party sub-processors (collectively, "Sub-processors") to Process the Personal Data on Company’s behalf, including Sub-processors engaged by Company. The current list of Sub-processors is captured in Annex B. Com
pany will notify Client of any additional Sub-processor being appointed, by electronic means or other reasonable means. 
7.2    Objection to Sub-Processors. Client may object in writing, stating Client’s reasonable grounds for the objection, to the appointment of an additional Sub-processor within five (5) calendar days after receipt of Company’s notice in accordance with the mechanism set out at Section 7.1 above. In the event that Client objects on reasonable grounds relating to the protection of the Personal Data, then the parties shall discuss commercially reasonable alternative solutions in good faith. If no resolution can be reached, Company will, at its sole discretion, either not appoint such Sub-Processor, or permit Client to suspend or terminate the Services in accordance with the termination provisions of the Agreement. In the event that Client suspends or terminates the Services in accordance with the preceding sentence, Client shall immediately pay all fees and costs then owing and all fees and costs incurred by Company as a result of the termination.
7.3    Sub-processor obligations. Where a Sub-processor is engaged by Company as described in this Section 7, Company shall:
(a)    enter into a written agreement with the Sub-processor imposing data protection terms that require the Sub-processor to protect the Personal Data to the standard required by Data Protection Laws; and
(b)    remain responsible for any breach of the DPA caused by a Sub-Processor.


8.    Cooperation
8.1    Cooperation and Data Subjects' rights. Company shall, taking into account the nature of the Processing, provide commercially reasonable assistance to Client insofar as this is possible, to enable Client to respond to requests from a Data Subject seeking to exercise their rights under Data Protection Laws in the event Client does not have the ability to implement such requests without Company’s assistance. In the event that such request is made directly to Company, Company shall, unless prohibited by law, promptly inform Client of the same. To the extent legally permitted, Client shall be responsible for any costs arising from Company’s provision of such assistance.
8.2    Data Protection Impact Assessments. Company shall, to the extent required by EU Data Protection Legislation and at Client’s sole expense, taking into account the nature of the Processing and the information available to Company, provide Client with commercially reasonable assistance with data protection impact assessments or prior consultations with data protection authorities that Client are required to carry out under Data Protection Laws.


9.    Security reports and audits
9.1    The parties acknowledge that Company will comprehensively assess the adequacy of its data Processing, including the security of the systems and premises used by Company to provide data Processing services.
9.2    The parties further acknowledge that these audits:
(a)    are performed at least once every three
 year period;
(b)    are conducted with all due and necessary independence and professionalism; and
(c)    are documented in an audit (“
9.3    At Client’s written request and at Client’s sole expense, Company will (on a confidential basis) provide Client with a summary of the Report so that Client can verify Company’s compliance with the audit standards against which it has been assessed, and this DPA.
9.4    Company will further provide written responses (on a confidential basis) to reasonable requests for information made by Client, no more than once per year, including responses to information security and audit questionnaires that are necessary to confirm Company’s compliance with this DPA.
9.5    While it is the parties' intention to rely on the provision of the Report and written responses provided under Sections 9.3 and 9.4 above to verify Company’s compliance with this DPA, Company shall permit Client (or Client’s appointed third party auditors, which must be reasonably acceptable to Company), at Client’s sole expense, to carry out an audit of Company’s Processing of Personal Data under the Agreement following a Security Incident suffered by Company, or upon the instruction of a data protection authority, to determine Company’s compliance with this DPA. Client must give Company reasonable prior notice of such intention to audit, conduct the audit during normal business hours, and take all reasonable measures to prevent unnecessary disruption to Company’s operations. Any such audit shall be subject to Company’s security and confidentiality terms and guidelines.  Following completion of the audit, upon request, Client will promptly provide Company with a complete copy of the results of that audit. Notwithstanding the foregoing, Company will not be required to disclose any proprietary or privileged information, including to Client or any of Client’s auditors, agents, or vendors.


10.    Deletion / return of data
10.1    Deletion or return of data: Upon the termination or expiration of the Agreement, upon Client’s request, provided such request is made within 30 days of the date of termination or expiration of the Agreement, Company will, upon Client’s request, delete or destroy all copies of Personal Data in its possession or control, save to the extent that: (i) Company is required by any applicable law to retain some or all of the Personal Data, (ii) Company is reasonably required to retain some or all of the Personal Data for limited operational and compliance purposes, or (iii) Personal Data has been archived on back-up systems. In all such cases, Company shall maintain the Personal Data securely and limit processing to the purposes that prevent deletion or return of the Personal Data.




Nature and purposes of Processing

The data Processing will involve any such Processing that is necessary for the purposes set out in the Agreement, the DPA, or as otherwise agreed between the parties.

Categories of Data Subjects

Any categories of individuals whose data Client gives Company access to.


Categories of data

The Personal Data concerns the following categories of data for the Data Subjects:

 - Any Personal Data that Client chooses to include in Client’s instance of the Services.

The Personal Data transferred to Company for Processing is determined and controlled by Client in Client’s sole discretion. 


Special categories of data (if appropriate)

Company does not intentionally collect or process any special categories of data in the provision of the Services.

Client agrees not to provide Sensitive Data to Company at any time.


Duration of Processing

The Personal Data will be Processed for the term of the Agreement, or as otherwise required by law or agreed between the parties.

Horton Cloud Solutions Inc. relies on certain sub-processors to provide key services. For Clients that are subject to the General Data Protection Regulation or any similar privacy and/or data security regulations, provided here is a list of all the sub-processors currently relied upon to perform various Personal Data processing functions in support of the services agreed upon.

The sub-processors listed below have or potentially will have access to or process Clients Personal Data. Depending on, among other things, the location of the Clients data and the nature of the Client’s needs, Personal Data may be shared with some but not all of these Sub-processors.


All of the sub-processors are subject to contractual requirements to process Clients personal data in accordance with Company instructions and applicable law.


Updates will be posted in the event Sub-processors are added or modified.

•    Microsoft


bottom of page